Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Font Library: fix endpoint permissions #54751

Closed
matiasbenedetto opened this issue Sep 23, 2023 · 1 comment · Fixed by #54829
Closed

Font Library: fix endpoint permissions #54751

matiasbenedetto opened this issue Sep 23, 2023 · 1 comment · Fixed by #54829
Assignees
@madhusudhand
Labels
[Feature] Typography Font and typography-related issues and PRs [Status] In Progress Tracking issues with work in progress [Type] Bug An existing feature does not function as intended

Comments

@matiasbenedetto
Copy link
Contributor

matiasbenedetto commented Sep 23, 2023
edited
Loading

It is necessary to fix the font library endpoints font permissions check.

Check the right folder

We need to check for write permissions in the right folder:
Currently, wp-content/upload/fonts/ is checked instead of wp/content/fonts.

Endpoints

  • GET /fonts/collections/
  • GET /fonts/collections/<id>/
    Should not check for write permissions on disk.
  • POST /fonts
    Should check for write permissions on disk only if any font families received have font faces defined with reference to files: downloadFromUrl or uploadedFile.
    Should return HTTP error code 403 if there are no permissions.
  • DELETE /fonts
    Should not check write permissions. The font asset will be try to be removed and if it fails it will return error for that particular font face.
@matiasbenedetto matiasbenedetto added [Type] Bug An existing feature does not function as intended Needs PHP backport Needs PHP backport to Core [Feature] Typography Font and typography-related issues and PRs labels Sep 23, 2023
@matiasbenedetto matiasbenedetto mentioned this issue Sep 26, 2023
Closed
18 tasks
@madhusudhand madhusudhand self-assigned this Sep 27, 2023
@madhusudhand madhusudhand mentioned this issue Sep 27, 2023
Closed
@github-actions github-actions bot added the [Status] In Progress Tracking issues with work in progress label Sep 27, 2023
@madhusudhand
Copy link
Contributor

Should check for write permissions on disk only if any font families received have font faces defined with reference to files: downloadFromUrl or uploadedFile.

@matiasbenedetto can you provide more details on the request payload scenarios. Are these downloadFromUrl or uploadedFile. (one of them) always present?

@matiasbenedetto matiasbenedetto mentioned this issue Sep 28, 2023
Merged
@youknowriad youknowriad removed the Needs PHP backport Needs PHP backport to Core label Feb 12, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@madhusudhand madhusudhand

Labels
[Feature] Typography Font and typography-related issues and PRs [Status] In Progress Tracking issues with work in progress [Type] Bug An existing feature does not function as intended
Projects
No open projects
WordPress 6.4 Editor Tasks
Status: Done
Milestone
No milestone
3 participants
@youknowriad @matiasbenedetto @madhusudhand